[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [ATM] SPAM AGAIN!

To: "Eric S. Johansson" <esj@harvee.org>
Subject: Re: [ATM] SPAM AGAIN!
From: Chris Rowland <chris_group_mail@dsl.pipex.com>
Date: Sun, 01 Jul 2007 02:06:56 +0100
Cc: atm@atmlist.net
Delivered-to: atm_arc@astro.umsystem.edu
In-reply-to: <4686D1AC.3090607@harvee.org>
List-archive: <http://www.atmlist.net/pipermail/atm>
List-help: <mailto:atm-request@atmlist.net?subject=help>
List-id: The Amateur Telescope Makers List <atm.atmlist.net>
List-post: <mailto:atm@atmlist.net>
List-subscribe: <http://www.atmlist.net/mailman/listinfo.cgi/atm>, <mailto:atm-request@atmlist.net?subject=subscribe>
List-unsubscribe: <http://www.atmlist.net/mailman/listinfo.cgi/atm>, <mailto:atm-request@atmlist.net?subject=unsubscribe>
References: <001101c7baa4$b63e7d60$ddadfea9@amd> <46862E62.1070408@dsl.pipex.com> <46864E6E.20104@harvee.org> <46867F7C.7020003@dsl.pipex.com> <46869EEF.6080004@optonline.net> <4686CC69.1060101@dsl.pipex.com> <4686D1AC.3090607@harvee.org>
Sender: atm-bounces@atmlist.net
User-agent: Thunderbird 1.5.0.12 (Windows/20070509)

Eric S. Johansson wrote:
> Chris Rowland wrote:
>> I am truly appalled about how complacent the senior members of this 
>> group are about their providing email addresses for spammers.
>>
>> You don't seem to have the slightest concern that you are providing 
>> totally open access to all our email addresses to anyone who wants 
>> them, without even the slightest attempt at preventing this.
> 
> You have no idea how small a slip or an opening was necessary for an 
> e-mail address to leak to spammers.

That's no justification for leaving a gaping hole. Its like saying "I 
don't want burglars to break the door down so I'll leave it open".

>> Your comments about there being other avenues are like saying there 
>> isn't any point in locking your doors because because some people can 
>> pick locks.  Its well known that security works because the criminals 
>> are lazy and will go elsewhere if you make it more difficult.
> 
> Or they break in any way because there are just so many methods to 
> choose from.

Just close the door and lock it. No need to hire security guards.

>> Nobody needs to go to any trouble to harvest email addresses when you 
>> provide them with no effort.
> 
> do you have any idea how many techniques have been broken by spammers?  
> Some of my mailing lists have private list only archives.  I've had 
> people signed up for accounts and never ever post.  If I paid attention 
> to blogs sometimes I find the archives are harvested.  The only way to 
> protect archives is to not have them in the first place or to a full 
> background check with complete body cavity search of every potential 
> subscriber.

Just obfuscating the archives would be a help. Replacing "@" with " at " 
in email address would help.  Only allowing access to the archives using 
the email address and password we signed up with would help.

It may not stop the determined spammer but it will at least stop the ATM 
Archives providing the low hanging fruit.  Making it expensive or 
difficult to get email addresses can't do any harm.

> Protecting a limited use e-mail address is a fantasy.  The only way you 
> can have a hope of protecting your e-mail addresses is to use disposable 
> addresses which you discard every three to six weeks.  Of course then 
> e-mail usefulness is limited.
> 
>> I'm not suggesting that this is the only way that spam can get to me 
>> through this email address but I do think that the ATM list should 
>> acknowledge that they are part of the problem and try to alleviate 
>> things rather that the current attitude that can basically be summed 
>> up as...
> 
> every mailing list as part of the problem.  Any place that collects 
> e-mail addresses that are even vaguely accessible from the outside world 
> is part of the problem.  I've had e-mail addresses I only use internally 
> gets spam.  Like I said.  It takes a whisper of an opening for an 
> address to leak
>>
>> Tough.
> 
>  ya.  It can also be phrased as "deal with the world as it is, not as 
> you want it to be."  another option is to work on alternative techniques 
> for dealing with spam and mailing lists.  I could use the help.  Must 
> know Python.

I'm on a number of lists.
Yahoo trys. Email addresses aren't available to casual browsers.
gMail seems to try.
phbb groups seem to be pretty secure.

All of these seem to prevent the casual harvester of emails. Its ONLY 
the ATM-list archives that comes up with my email addresses in simple 
searches - and I've found my primary email address there as well.

Deciding not even to try because it may not work is a council of despair.

Can you at least do something to stop this continuing please. It can't 
be that difficult to obfuscate the email addresses in the ATM Archives 
for the future.

It might be worth considering making the list private

This will help people in the future and all we need to do is change our 
email addresses and ISPs once more and will have a chance to leave the 
junk behind.

By the way, in the UK the Data Protection Act could make it illegal not 
to protect our email addresses. Maybe that's why I'm more bothered about 
this than you are.

Chris

_______________________________________________
ATM mailing list http://www.atmlist.net/

Prev by Author: Re: [ATM] cutting a big piece of plate glass into mirror or tool
Next by Author: Re: [ATM] re spam
Previous by thread: Re: [ATM] Sharpie test: a little help?
Next by thread: Re: [ATM] SPAM AGAIN!
Index(es):
- Author
- Thread